HackMD
Deploy OpenStack using Kolla-Ansible
last update: 2022-12-09
tags: openstack, kolla-ansible
Use Kolla-Ansible to deploy a OpenStack.
Run NFS server on controller host as Cinder backend and for cinder-backup.
Lab Environment
Hosts
Hostname | Role and Spec.
--------------------------------------------------------------
nuc10 | deploy (Ubuntu 22.04)
nuc111 | controller (Ubuntu 20.04, 4CPU, 32G RAM, 192.168.1.23)
nuc71 | compute (Ubuntu 20.04, 2CPU, 16G RAM, 192.168.1.24)
nuc72 | compute (Ubuntu 20.04, 2CPU, 16G RAM, 192.168.1.25)
nuc73 | compute (Ubuntu 20.04, 2CPU, 16G RAM, 192.168.1.26)
NICs:
eno1: internal (192.168.1.0/24)
eno2: external
NOTE: The eno2 interface is a "USB" NIC, rename it to eno2 base on mac address on each host.
Account username: "ubuntu"
Prerequest
Add hosts to /etc/hosts in all hosts
192.168.1.15 NUC10i5FNH nuc10
192.168.1.22 NUC11ATKC42 nuc112
192.168.1.23 NUC11ATKC41 nuc111
192.168.1.24 NUC7CJYHN1 nuc71
192.168.1.25 NUC7CJYHN2 nuc72
192.168.1.26 NUC7CJYHN3 nuc73
Set key-based authentication over ssh
ycheng@NUC10:~$ ssh-keygen
ycheng@NUC10:~$ ssh-copy-id nuc111
ycheng@NUC10:~$ ssh-copy-id nuc71
ycheng@NUC10:~$ ssh-copy-id nuc72
ycheng@NUC10:~$ ssh-copy-id nuc73
Configure host network interface. For example on nuc111
ubuntu@nuc111:~$ cat /etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
ethernets:
eno1:
dhcp4: false
link-local: []
addresses:
- 192.168.1.23/24
gateway4: 192.168.1.1
nameservers:
addresses:
- 8.8.8.8
- 8.8.4.4
eno2:
dhcp4: false
link-local: []
match:
macaddress: f8:e4:3b:87:00:1f
set-name: eno2
version: 2
ubuntu@nuc111:~$ sudo netplan try
ubuntu@nuc111:~$ sudo netplan apply
NOTE: Do not configure IP address on eno2 interface.
Add user to /etc/sudoers for no password sudo
ubuntu ALL=(ALL) NOPASSWD:ALL
NOTE: Refer "Use local docker registry to deploy" section for using local registry.
1. Setup kolla ansible on deploy node
Install dependency packages on
ycheng@NUC10:~$ sudo apt update -y
ycheng@NUC10:~$ sudo apt install python3-dev libffi-dev gcc libssl-dev -y
Install python virtual environment for kolla-ansible
ycheng@NUC10:~$ sudo apt install python3-venv -y
ycheng@NUC10:~$ python3 -m venv ~/Data/kolla-ansible-venv
ycheng@NUC10:~$ source ~/Data/kolla-ansible-venv/bin/activate
(kolla-ansible-venv) ycheng@NUC10:~$
(kolla-ansible-venv) ycheng@NUC10:~$ pip install -U pip
(kolla-ansible-venv) ycheng@NUC10:~$ pip install 'ansible>=4,<6'
Install Kolla-ansible
(kolla-ansible-venv) ycheng@NUC10:~$ pip install git+https://opendev.org/openstack/kolla-ansible@master
(kolla-ansible-venv) ycheng@NUC10:~$ sudo mkdir -p /etc/kolla
(kolla-ansible-venv) ycheng@NUC10:~$ sudo chown $USER:$USER /etc/kolla/
(kolla-ansible-venv) ycheng@NUC10:~$ ls -ld /etc/kolla/
drwxr-xr-x 2 ycheng ycheng 4096 Nov 5 16:01 /etc/kolla/
(kolla-ansible-venv) ycheng@NUC10:~$ cp -r ~/Data/kolla-ansible-venv/share/kolla-ansible/etc_examples//kolla/* /etc/kolla/
(kolla-ansible-venv) ycheng@NUC10:~$ cp ~/Data/kolla-ansible-venv/share/kolla-ansible/ansible/inventory/multinode /etc/kolla/
NOTE: for all-in-one deploy, use ~/Data/kolla-ansible-venv/share/kolla-ansible/ansible/inventory/all-in-one
Install Ansible Galaxy requirements
(kolla-ansible-venv) ycheng@NUC10:~$ kolla-ansible install-deps
Installing Ansible Galaxy dependencies
Starting galaxy collection install process
Process install dependency map
Cloning into '/home/ycheng/.ansible/tmp/ansible-local-111805_n2pn0om/tmp5syatw1g/ansible-collection-kolla9pniyzg2'...
remote: Enumerating objects: 150, done.
remote: Counting objects: 100% (150/150), done.
remote: Compressing objects: 100% (97/97), done.
remote: Total 409 (delta 120), reused 53 (delta 53), pack-reused 259
Receiving objects: 100% (409/409), 79.20 KiB | 477.00 KiB/s, done.
Resolving deltas: 100% (159/159), done.
Already on 'master'
Your branch is up to date with 'origin/master'.
Starting collection install process
Installing 'openstack.kolla:1.0.0' to '/home/ycheng/.ansible/collections/ansible_collections/openstack/kolla'
Created collection for openstack.kolla:1.0.0 at /home/ycheng/.ansible/collections/ansible_collections/openstack/kolla
openstack.kolla:1.0.0 was installed successfully
(kolla-ansible-venv) ycheng@NUC10:~$
Configure Ansible
(kolla-ansible-venv) ycheng@NUC10:~$ cat /etc/ansible/ansible.cfg
[default]
deprecation_warnings=False
host_key_checking=False
pipelining=True
forks=100
Prepare initial configuration
(kolla-ansible-venv) ycheng@NUC10:~$ cd /etc/kolla/
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ ls -l
total 52
-rw-rw-r-- 1 ycheng ycheng 32632 Nov 5 16:07 globals.yml
-rw-rw-r-- 1 ycheng ycheng 9490 Nov 5 16:25 multinode
-rw-rw-r-- 1 ycheng ycheng 5163 Nov 5 16:07 passwords.yml
Edit multinode inventory file
1 # These initial groups are the only groups required to be modified. The
2 # additional groups are for more control of the environment.
3 [control]
4 # These hostname must be resolvable from your deployment host
5 nuc111
6
7 # The above can also be specified as follows:
8 #control[01:03] ansible_user=kolla
9
10 # The network nodes are where your l3-agent and loadbalancers will run
11 # This can be the same as a host in the control group
12 [network:children]
13 control
14
15 [compute]
16 nuc7[1:3]
17
18 [monitoring:children]
19 control
20
21 # When compute nodes and control nodes use different interfaces,
22 # you need to comment out "api_interface" and other interfaces from the globals.yml
23 # and specify like below:
24 #compute01 neutron_external_interface=eth0 api_interface=em1 tunnel_interface=em1
25
26 [storage:children]
27 control
NOTE: I use "network:children", "storage:children" and "monitoring:children" to add "control" as children group. Use hostname if you do not want to use children groups.
Check inventory
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ ansible -i multinode all -m ping
[WARNING]: Invalid characters were found in group names but not replaced, use -vvvv to see details
localhost | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
nuc111 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
nuc72 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
nuc73 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
nuc71 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
Set Kolla passwords
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ kolla-genpwd
Edit global.yml file as below
48 # This should be a VIP, an unused IP on your network that will float between
49 # the hosts running keepalived for high-availability. If you want to run an
50 # All-In-One without haproxy and keepalived, you can set enable_haproxy to no
51 # in "OpenStack options" section, and set this value to the IP of your
52 # 'network_interface' as set in the Networking section below.
53 #kolla_internal_vip_address: "10.10.10.254"
54 kolla_internal_vip_address: "192.168.1.250"
111 ##############################
112 # Neutron - Networking Options
113 ##############################
114 # This interface is what all your api services will be bound to by default.
115 # Additionally, all vxlan/tunnel and storage network traffic will go over this
116 # interface by default. This interface must contain an IP address.
117 # It is possible for hosts to have non-matching names of interfaces - these can
118 # be set in an inventory file per host or per group or stored separately, see
119 # http://docs.ansible.com/ansible/intro_inventory.html
120 # Yet another way to workaround the naming problem is to create a bond for the
121 # interface on all hosts and give the bond name here. Similar strategy can be
122 # followed for other types of interfaces.
123 #network_interface: "eth0"
124 network_interface: "eno1"
149 # This is the raw interface given to neutron as its external network port. Even
150 # though an IP address can exist on this interface, it will be unusable in most
151 # configurations. It is recommended this interface not be configured with any IP
152 # addresses for that reason.
153 #neutron_external_interface: "eth1"
154 neutron_external_interface: "eno2"
302 # OpenStack services can be enabled or disabled with these options
303 #enable_aodh: "no"
304 #enable_barbican: "no"
305 #enable_blazar: "no"
306 #enable_ceilometer: "no"
307 #enable_ceilometer_ipmi: "no"
308 #enable_cells: "no"
309 #enable_central_logging: "no"
310 #enable_ceph_rgw: "no"
311 #enable_ceph_rgw_loadbalancer: "{{ enable_ceph_rgw | bool }}"
312 #enable_cinder: "no"
313 enable_cinder: "yes"
314 #enable_cinder_backup: "yes"
315 enable_cinder_backup: "yes"
316 #enable_cinder_backend_hnas_nfs: "no"
317 #enable_cinder_backend_iscsi: "{{ enable_cinder_backend_lvm | bool }}"
318 #enable_cinder_backend_lvm: "no"
319 #enable_cinder_backend_nfs: "no"
320 enable_cinder_backend_nfs: "yes"
544 # Valid options are [ nfs, swift, ceph ]
545 #cinder_backup_driver: "ceph"
546 #cinder_backup_share: ""
547 #cinder_backup_mount_options_nfs: ""
548 cinder_backup_driver: "nfs"
549 cinder_backup_share: "nuc111:/kolla_nfs"
550 cinder_backup_mount_options_nfs: ""
Create "nfs_shares" file with nfs configuration
ycheng@NUC10:/etc/kolla$ mkdir config
ycheng@NUC10:/etc/kolla$ cat config/nfs_shares
nuc111:/kolla_nfs
2. Setup NFS server on controller for cinder backend
root@nuc111:~# apt install nfs-kernel-server -y
root@nuc111:~# cat /etc/exports
/kolla_nfs 192.168.1.0/24(rw,sync,no_root_squash)
root@nuc111:~# mkdir /kolla_nfs
root@nuc111:~# systemctl start nfs-kernel-server
root@nuc111:~# systemctl status nfs-kernel-server
● nfs-server.service - NFS server and services
Loaded: loaded (/lib/systemd/system/nfs-server.service; enabled; vendor preset: enabled)
Drop-In: /run/systemd/generator/nfs-server.service.d
└─order-with-mounts.conf
Active: active (exited) since Sat 2022-11-05 11:51:21 UTC; 24min ago
Process: 67275 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS)
Process: 67276 ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS (code=exited, status=0/SUCCESS)
Main PID: 67276 (code=exited, status=0/SUCCESS)
Nov 05 11:51:19 nuc111 systemd[1]: Starting NFS server and services...
Nov 05 11:51:19 nuc111 exportfs[67275]: exportfs: /etc/exports [1]: Neither 'subtree_check' or 'no_subtree_check' specified for export "192.168.1.0/24:/kolla_nfs".
Nov 05 11:51:19 nuc111 exportfs[67275]: Assuming default behaviour ('no_subtree_check').
3. Deployment
Bootstrap servers with kolla deploy dependencies
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ kolla-ansible -i ./multinode bootstrap-servers
... output omit
PLAY RECAP *********************************************************************************************************
localhost : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
nuc111 : ok=31 changed=15 unreachable=0 failed=0 skipped=21 rescued=0 ignored=0
nuc71 : ok=30 changed=14 unreachable=0 failed=0 skipped=22 rescued=0 ignored=0
nuc72 : ok=30 changed=14 unreachable=0 failed=0 skipped=22 rescued=0 ignored=0
nuc73 : ok=30 changed=14 unreachable=0 failed=0 skipped=22 rescued=0 ignored=0
NOTE: if bootstrap-servers playbook failed with error. Failed to update apt cache: W:Updating from such a repository can't be done securely, and is therefore disabled by default, re-run the playbook.
Do pre-deployment checks for hosts
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ kolla-ansible -i ./multinode prechecks
... output omit
PLAY RECAP ******************************************************************************************************************************
localhost : ok=11 changed=0 unreachable=0 failed=0 skipped=14 rescued=0 ignored=0
nuc111 : ok=93 changed=0 unreachable=0 failed=0 skipped=159 rescued=0 ignored=0
nuc71 : ok=29 changed=0 unreachable=0 failed=0 skipped=30 rescued=0 ignored=0
nuc72 : ok=28 changed=0 unreachable=0 failed=0 skipped=27 rescued=0 ignored=0
nuc73 : ok=28 changed=0 unreachable=0 failed=0 skipped=27 rescued=0 ignored=0
Run actual deployment
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ kolla-ansible -i ./multinode deploy
... output omit
PLAY RECAP ******************************************************************************************************************************
localhost : ok=4 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
nuc111 : ok=287 changed=122 unreachable=0 failed=0 skipped=220 rescued=0 ignored=0
nuc71 : ok=59 changed=33 unreachable=0 failed=0 skipped=45 rescued=0 ignored=0
nuc72 : ok=54 changed=33 unreachable=0 failed=0 skipped=45 rescued=0 ignored=0
nuc73 : ok=54 changed=33 unreachable=0 failed=0 skipped=46 rescued=0 ignored=0
4. Access OpenStack
Install openstack client
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ pip install python-openstackclient -c https://releases.openstack.org/constraints/upper/master
Generate admin openrc and clouds.yaml
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ kolla-ansible post-deploy
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ ls -l
total 96
-rw------- 1 ycheng ycheng 565 Nov 5 23:38 admin-openrc.sh
-rw------- 1 ycheng ycheng 573 Nov 5 23:38 clouds.yaml
drwxrwxr-x 2 ycheng ycheng 4096 Nov 5 22:54 config
-rw-rw-r-- 1 ycheng ycheng 32846 Nov 5 22:27 globals.yml
-rw-rw-r-- 1 ycheng ycheng 9475 Nov 5 16:59 multinode
-rw-rw-r-- 1 ycheng ycheng 34047 Nov 5 17:10 passwords.yml
Access method 1: source admin-openrc.sh
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ source admin-openrc.sh
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ openstack catalog list
+-----------+----------------+---------------------------------------------------------------------------+
| Name | Type | Endpoints |
+-----------+----------------+---------------------------------------------------------------------------+
| nova | compute | RegionOne |
| | | public: http://192.168.1.250:8774/v2.1 |
| | | RegionOne |
| | | internal: http://192.168.1.250:8774/v2.1 |
| | | |
| cinderv3 | volumev3 | RegionOne |
| | | public: http://192.168.1.250:8776/v3/496d5b465e684f20a8217fa408728ac2 |
| | | RegionOne |
| | | internal: http://192.168.1.250:8776/v3/496d5b465e684f20a8217fa408728ac2 |
| | | |
| placement | placement | RegionOne |
| | | internal: http://192.168.1.250:8780 |
| | | RegionOne |
| | | public: http://192.168.1.250:8780 |
| | | |
| glance | image | RegionOne |
| | | internal: http://192.168.1.250:9292 |
| | | RegionOne |
| | | public: http://192.168.1.250:9292 |
| | | |
| keystone | identity | RegionOne |
| | | public: http://192.168.1.250:5000 |
| | | RegionOne |
| | | internal: http://192.168.1.250:5000 |
| | | |
| neutron | network | RegionOne |
| | | public: http://192.168.1.250:9696 |
| | | RegionOne |
| | | internal: http://192.168.1.250:9696 |
| | | |
| heat-cfn | cloudformation | RegionOne |
| | | internal: http://192.168.1.250:8000/v1 |
| | | RegionOne |
| | | public: http://192.168.1.250:8000/v1 |
| | | |
| heat | orchestration | RegionOne |
| | | public: http://192.168.1.250:8004/v1/496d5b465e684f20a8217fa408728ac2 |
| | | RegionOne |
| | | internal: http://192.168.1.250:8004/v1/496d5b465e684f20a8217fa408728ac2 |
| | | |
+-----------+----------------+---------------------------------------------------------------------------+
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ openstack compute service list
+--------------------------------------+----------------+--------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+--------------------------------------+----------------+--------+----------+---------+-------+----------------------------+
| 9cb2e662-0446-417d-9ecb-d0ef5679459e | nova-scheduler | nuc111 | internal | enabled | up | 2022-11-05T12:41:51.000000 |
| 19dc19a4-4d78-4909-95a4-60fda0e62839 | nova-conductor | nuc111 | internal | enabled | up | 2022-11-05T12:41:48.000000 |
| 795eefbd-9461-4462-8a68-125e77027a5b | nova-compute | nuc71 | nova | enabled | up | 2022-11-05T12:41:51.000000 |
| b1734c47-918c-4aee-9fc0-78326b4dde8e | nova-compute | nuc73 | nova | enabled | up | 2022-11-05T12:41:51.000000 |
| feb93682-0dab-4dc0-95cc-872d4196339d | nova-compute | nuc72 | nova | enabled | up | 2022-11-05T12:41:51.000000 |
+--------------------------------------+----------------+--------+----------+---------+-------+----------------------------+
Access method 2: use clouds.yaml
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ cat clouds.yaml
clouds:
kolla-admin:
auth:
auth_url: http://192.168.1.250:5000
project_domain_name: Default
user_domain_name: Default
project_name: admin
username: admin
password: Lo6CMreQQAwHmp3sCjR0NqaqDm0fCoX7I0OBVY1c
region_name: RegionOne
kolla-admin-internal:
auth:
auth_url: http://192.168.1.250:5000
project_domain_name: Default
user_domain_name: Default
project_name: admin
username: admin
password: Lo6CMreQQAwHmp3sCjR0NqaqDm0fCoX7I0OBVY1c
interface: internal
region_name: RegionOne
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ cp ./clouds.yaml /etc/openstack/
OR
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ mkdir ~/.config/openstack
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ cp ./clouds.yaml ~/.config/openstack
OR
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ export OS_CLIENT_CONFIG_FILE=/etc/kolla/clouds.yaml
openstack command with "–os-cloud" option to choose cloud
(kolla-ansible-venv) ycheng@NUC10:~$ openstack --os-cloud kolla-admin compute service list
+--------------------------------------+----------------+--------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+--------------------------------------+----------------+--------+----------+---------+-------+----------------------------+
| 9cb2e662-0446-417d-9ecb-d0ef5679459e | nova-scheduler | nuc111 | internal | enabled | up | 2022-11-05T13:05:22.000000 |
| 19dc19a4-4d78-4909-95a4-60fda0e62839 | nova-conductor | nuc111 | internal | enabled | up | 2022-11-05T13:05:18.000000 |
| 795eefbd-9461-4462-8a68-125e77027a5b | nova-compute | nuc71 | nova | enabled | up | 2022-11-05T13:05:21.000000 |
| b1734c47-918c-4aee-9fc0-78326b4dde8e | nova-compute | nuc73 | nova | enabled | up | 2022-11-05T13:05:21.000000 |
| feb93682-0dab-4dc0-95cc-872d4196339d | nova-compute | nuc72 | nova | enabled | up | 2022-11-05T13:05:21.000000 |
+--------------------------------------+----------------+--------+----------+---------+-------+----------------------------+
5. Access Web GUI (Horizon)
Get admin password from admin-open.rc or clouds.yaml
Extra: create examples for demo
NOTE: copy "clouds.yaml" in controller node to /etc/kolla/ first.
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ ~/Data/kolla-ansible-venv/share/kolla-ansible/init-runonce
Checking for locally available cirros image.
None found, downloading cirros image.
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
100 20.1M 100 20.1M 0 0 2928k 0 0:00:07 0:00:07 --:--:-- 4371k
Creating glance image.
+------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------+
| container_format | bare |
| created_at | 2022-11-06T01:03:54Z |
| disk_format | qcow2 |
| file | /v2/images/1fa43af3-ac22-4dba-85e9-04b21807c5d4/file |
| id | 1fa43af3-ac22-4dba-85e9-04b21807c5d4 |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | 496d5b465e684f20a8217fa408728ac2 |
| properties | os_hidden='False', os_type='linux', owner_specified.openstack.md5='', owner_specified.openstack.object='images/cirros', owner_specified.openstack.sha256='' |
| protected | False |
| schema | /v2/schemas/image |
| status | queued |
| tags | |
| updated_at | 2022-11-06T01:03:54Z |
| visibility | public |
+------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------+
Configuring neutron.
+-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-11-06T01:03:56Z |
| description | |
| distributed | False |
| enable_ndp_proxy | None |
| external_gateway_info | null |
| flavor_id | None |
| ha | False |
| id | d8adf379-d03a-4c58-80cb-9cf7003524a6 |
| name | demo-router |
| project_id | 496d5b465e684f20a8217fa408728ac2 |
| revision_number | 1 |
| routes | |
| status | ACTIVE |
| tags | |
| tenant_id | 496d5b465e684f20a8217fa408728ac2 |
| updated_at | 2022-11-06T01:03:56Z |
+-------------------------+--------------------------------------+
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-11-06T01:03:57Z |
| description | |
| dns_domain | None |
| id | 67e89302-e5c7-4a17-ad1c-675b664874c1 |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | False |
| is_vlan_transparent | None |
| mtu | 1450 |
| name | demo-net |
| port_security_enabled | True |
| project_id | 496d5b465e684f20a8217fa408728ac2 |
| provider:network_type | vxlan |
| provider:physical_network | None |
| provider:segmentation_id | 472 |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | Internal |
| segments | None |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| tenant_id | 496d5b465e684f20a8217fa408728ac2 |
| updated_at | 2022-11-06T01:03:57Z |
+---------------------------+--------------------------------------+
+----------------------+--------------------------------------+
| Field | Value |
+----------------------+--------------------------------------+
| allocation_pools | 10.0.0.2-10.0.0.254 |
| cidr | 10.0.0.0/24 |
| created_at | 2022-11-06T01:03:59Z |
| description | |
| dns_nameservers | 8.8.8.8 |
| dns_publish_fixed_ip | None |
| enable_dhcp | True |
| gateway_ip | 10.0.0.1 |
| host_routes | |
| id | 312eff74-d80c-4281-a51a-9b4bed5132c4 |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | demo-subnet |
| network_id | 67e89302-e5c7-4a17-ad1c-675b664874c1 |
| project_id | 496d5b465e684f20a8217fa408728ac2 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2022-11-06T01:03:59Z |
+----------------------+--------------------------------------+
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-11-06T01:04:03Z |
| description | |
| dns_domain | None |
| id | 17cb537a-88ac-42ed-9eb2-29177cb7490e |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | False |
| is_vlan_transparent | None |
| mtu | 1500 |
| name | public1 |
| port_security_enabled | True |
| project_id | 496d5b465e684f20a8217fa408728ac2 |
| provider:network_type | flat |
| provider:physical_network | physnet1 |
| provider:segmentation_id | None |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | External |
| segments | None |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| tenant_id | 496d5b465e684f20a8217fa408728ac2 |
| updated_at | 2022-11-06T01:04:03Z |
+---------------------------+--------------------------------------+
+----------------------+--------------------------------------+
| Field | Value |
+----------------------+--------------------------------------+
| allocation_pools | 10.0.2.150-10.0.2.199 |
| cidr | 10.0.2.0/24 |
| created_at | 2022-11-06T01:04:04Z |
| description | |
| dns_nameservers | |
| dns_publish_fixed_ip | None |
| enable_dhcp | False |
| gateway_ip | 10.0.2.1 |
| host_routes | |
| id | 142f17ca-c06d-4c07-abdc-dc935b1b83a3 |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | public1-subnet |
| network_id | 17cb537a-88ac-42ed-9eb2-29177cb7490e |
| project_id | 496d5b465e684f20a8217fa408728ac2 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2022-11-06T01:04:04Z |
+----------------------+--------------------------------------+
+-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| created_at | 2022-11-06T01:04:11Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | b485970a-d7ee-43d2-a1ea-1e440be2dd12 |
| name | None |
| normalized_cidr | 0.0.0.0/0 |
| port_range_max | None |
| port_range_min | None |
| project_id | 496d5b465e684f20a8217fa408728ac2 |
| protocol | icmp |
| remote_address_group_id | None |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | ab6be57e-a748-4b92-bbe0-3d26bab3d60b |
| tags | [] |
| updated_at | 2022-11-06T01:04:11Z |
+-------------------------+--------------------------------------+
+-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| created_at | 2022-11-06T01:04:12Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | caec3c73-02cd-4f31-8c6c-c27370599559 |
| name | None |
| normalized_cidr | 0.0.0.0/0 |
| port_range_max | 22 |
| port_range_min | 22 |
| project_id | 496d5b465e684f20a8217fa408728ac2 |
| protocol | tcp |
| remote_address_group_id | None |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | ab6be57e-a748-4b92-bbe0-3d26bab3d60b |
| tags | [] |
| updated_at | 2022-11-06T01:04:12Z |
+-------------------------+--------------------------------------+
+-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| created_at | 2022-11-06T01:04:13Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | 1b7a08bc-cdf3-4ced-a402-113302e5bd6a |
| name | None |
| normalized_cidr | 0.0.0.0/0 |
| port_range_max | 8000 |
| port_range_min | 8000 |
| project_id | 496d5b465e684f20a8217fa408728ac2 |
| protocol | tcp |
| remote_address_group_id | None |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | ab6be57e-a748-4b92-bbe0-3d26bab3d60b |
| tags | [] |
| updated_at | 2022-11-06T01:04:13Z |
+-------------------------+--------------------------------------+
+-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| created_at | 2022-11-06T01:04:14Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | 05ed928f-07b9-4af1-abf5-589a0493e206 |
| name | None |
| normalized_cidr | 0.0.0.0/0 |
| port_range_max | 8080 |
| port_range_min | 8080 |
| project_id | 496d5b465e684f20a8217fa408728ac2 |
| protocol | tcp |
| remote_address_group_id | None |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | ab6be57e-a748-4b92-bbe0-3d26bab3d60b |
| tags | [] |
| updated_at | 2022-11-06T01:04:14Z |
+-------------------------+--------------------------------------+
Generating ssh key.
Generating public/private ecdsa key pair.
Your identification has been saved in /home/ycheng/.ssh/id_ecdsa
Your public key has been saved in /home/ycheng/.ssh/id_ecdsa.pub
The key fingerprint is:
SHA256:61Ij/vwAIbuaC7nT6W1LwCGCfJwNqhoJhq4+dia4Dao ycheng@NUC10
The key's randomart image is:
+---[ECDSA 256]---+
| . |
|+ o + |
|*+.+... |
|*+.. o . |
|+.o . . S |
|oo . ...o. |
|B. .o. oo. |
|=OoB. oo . |
|E=@oo. o+.. |
+----[SHA256]-----+
Configuring nova public key and quotas.
+-------------+-------------------------------------------------+
| Field | Value |
+-------------+-------------------------------------------------+
| created_at | None |
| fingerprint | 4e:2d:29:67:6d:2e:af:24:b1:40:22:0a:79:d0:6e:35 |
| id | mykey |
| is_deleted | None |
| name | mykey |
| type | ssh |
| user_id | 6714a667d1e3406fab0c7add7d71d412 |
+-------------+-------------------------------------------------+
+----------------------------+---------+
| Field | Value |
+----------------------------+---------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| description | None |
| disk | 1 |
| id | 1 |
| name | m1.tiny |
| os-flavor-access:is_public | True |
| properties | |
| ram | 512 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 1 |
+----------------------------+---------+
+----------------------------+----------+
| Field | Value |
+----------------------------+----------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| description | None |
| disk | 20 |
| id | 2 |
| name | m1.small |
| os-flavor-access:is_public | True |
| properties | |
| ram | 2048 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 1 |
+----------------------------+----------+
+----------------------------+-----------+
| Field | Value |
+----------------------------+-----------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| description | None |
| disk | 40 |
| id | 3 |
| name | m1.medium |
| os-flavor-access:is_public | True |
| properties | |
| ram | 4096 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 2 |
+----------------------------+-----------+
+----------------------------+----------+
| Field | Value |
+----------------------------+----------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| description | None |
| disk | 80 |
| id | 4 |
| name | m1.large |
| os-flavor-access:is_public | True |
| properties | |
| ram | 8192 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 4 |
+----------------------------+----------+
+----------------------------+-----------+
| Field | Value |
+----------------------------+-----------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| description | None |
| disk | 160 |
| id | 5 |
| name | m1.xlarge |
| os-flavor-access:is_public | True |
| properties | |
| ram | 16384 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 8 |
+----------------------------+-----------+
Done.
To deploy a demo instance, run:
openstack --os-cloud=kolla-admin server create \
--image cirros \
--flavor m1.tiny \
--key-name mykey \
--network demo-net \
demo1
(kolla-ansible-venv) ycheng@NUC10:~/Data/kolla-ansible-venv/share/kolla-ansible$
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ openstack --os-cloud=kolla-admin server create \
--image cirros \
--flavor m1.tiny \
--key-name mykey \
--network demo-net \
demo1
+-------------------------------------+-----------------------------------------------+
| Field | Value |
+-------------------------------------+-----------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-SRV-ATTR:host | None |
| OS-EXT-SRV-ATTR:hypervisor_hostname | None |
| OS-EXT-SRV-ATTR:instance_name | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | 6Fa52DZ6AXEy |
| config_drive | |
| created | 2022-11-06T01:08:01Z |
| flavor | m1.tiny (1) |
| hostId | |
| id | b942a0c6-7541-4380-91a4-19a16d875860 |
| image | cirros (1fa43af3-ac22-4dba-85e9-04b21807c5d4) |
| key_name | mykey |
| name | demo1 |
| progress | 0 |
| project_id | 496d5b465e684f20a8217fa408728ac2 |
| properties | |
| security_groups | name='default' |
| status | BUILD |
| updated | 2022-11-06T01:08:02Z |
| user_id | 6714a667d1e3406fab0c7add7d71d412 |
| volumes_attached | |
+-------------------------------------+-----------------------------------------------+
NOTE: configuration are located in /etc/kolla in all cluster nodes.
root@nuc111:/etc/kolla# ls -l
total 140
drwxrwx--- 2 root root 4096 Nov 5 11:44 cinder-api
drwxrwx--- 2 root root 4096 Nov 7 13:11 cinder-backup
drwxrwx--- 2 root root 4096 Nov 5 11:44 cinder-scheduler
drwxrwx--- 2 root root 4096 Nov 5 12:03 cinder-volume
drwxrwx--- 2 root root 4096 Nov 5 11:29 cron
drwxrwx--- 2 root root 4096 Nov 5 11:29 fluentd
drwxrwx--- 2 root root 4096 Nov 5 11:42 glance-api
drwxrwx--- 3 root root 4096 Nov 5 11:36 haproxy
drwxrwx--- 2 root root 4096 Nov 5 12:24 heat-api
drwxrwx--- 2 root root 4096 Nov 5 12:24 heat-api-cfn
drwxrwx--- 2 root root 4096 Nov 5 12:24 heat-engine
drwxrwx--- 2 root root 4096 Nov 5 12:25 horizon
drwxrwx--- 3 root root 4096 Nov 5 11:36 keepalived
drwxrwx--- 2 root root 4096 Nov 5 11:39 keystone
drwxrwx--- 2 root root 4096 Nov 5 11:39 keystone-fernet
drwxrwx--- 2 root root 4096 Nov 5 11:39 keystone-ssh
drwxrwx--- 2 root root 4096 Nov 5 11:29 kolla-toolbox
drwxrwx--- 2 root root 4096 Nov 5 11:37 mariadb
drwxrwx--- 2 root root 4096 Nov 5 11:37 mariadb-clustercheck
drwxrwx--- 2 root root 4096 Nov 5 11:38 memcached
drwxrwx--- 2 root root 4096 Nov 5 12:20 neutron-dhcp-agent
drwxrwx--- 2 root root 4096 Nov 5 12:21 neutron-l3-agent
drwxrwx--- 2 root root 4096 Nov 5 12:21 neutron-metadata-agent
drwxrwx--- 2 root root 4096 Nov 5 12:20 neutron-openvswitch-agent
drwxrwx--- 2 root root 4096 Nov 5 12:20 neutron-server
drwxrwx--- 2 root root 4096 Nov 5 12:07 nova-api
drwxrwx--- 2 root root 4096 Nov 5 12:05 nova-api-bootstrap
drwxrwx--- 2 root root 4096 Nov 5 12:06 nova-cell-bootstrap
drwxrwx--- 2 root root 4096 Nov 5 12:07 nova-conductor
drwxrwx--- 2 root root 4096 Nov 5 12:07 nova-novncproxy
drwxrwx--- 2 root root 4096 Nov 5 12:07 nova-scheduler
drwxrwx--- 2 root root 4096 Nov 5 12:18 openvswitch-db-server
drwxrwx--- 2 root root 4096 Nov 5 12:18 openvswitch-vswitchd
drwxrwx--- 2 root root 4096 Nov 5 12:05 placement-api
drwxrwx--- 2 root root 4096 Nov 5 11:39 rabbitmq
ubuntu@nuc71:~$ ls -al /etc/kolla/
total 44
drwxr-xr-x 11 root root 4096 Nov 5 12:20 .
drwxr-xr-x 107 root root 4096 Nov 5 12:07 ..
drwxrwx--- 2 root root 4096 Nov 5 11:29 cron
drwxrwx--- 2 root root 4096 Nov 5 11:29 fluentd
drwxrwx--- 2 root root 4096 Nov 5 11:29 kolla-toolbox
drwxrwx--- 2 root root 4096 Nov 5 12:20 neutron-openvswitch-agent
drwxrwx--- 2 root root 4096 Nov 5 12:08 nova-compute
drwxrwx--- 2 root root 4096 Nov 5 12:08 nova-libvirt
drwxrwx--- 2 root root 4096 Nov 5 12:08 nova-ssh
drwxrwx--- 2 root root 4096 Nov 5 12:18 openvswitch-db-server
drwxrwx--- 2 root root 4096 Nov 5 12:18 openvswitch-vswitchd
Extra: Add Ceph storage as an Cinder backend
NOTE: Refer to https://hackmd.io/8tkrVJP7QU-MjO-0_W13jQ for setup a Ceph storage.
This section provides steps to add a Ceph storage into Cinder volume as backend; and set Nova to use the Ceph storage for running instance.
Reference:
https://docs.ceph.com/en/latest/rbd/rbd-openstack/
https://docs.openstack.org/kolla-ansible/latest/reference/storage/external-ceph-guide.html
Create pool for volume
root@nuc111:~# ceph osd pool create volumes
pool 'volumes' created
root@nuc111:~# ceph osd pool create vms
pool 'vms' created
root@nuc111:~# ceph osd pool create backups
pool 'backups' created
root@nuc111:~# rbd pool init volumes
root@nuc111:~# rbd pool init vms
root@nuc111:~# rbd pool init backups
Note: we still create "backups" pool because "Kolla-Ansible" playbook still add Ceph keyring for cinder-backup no matter "nfs" is configured to cinder_backup_driver. I think its kinda of bug. Fail message if no keyring for "cinder-backup" configured.
TASK [cinder : Copy over Ceph keyring files for cinder-backup] ***************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: If you are using a module and expect the file to exist on the remote, see the remote_src option
failed: [nuc111] (item=cinder-backup/ceph.client.cinder.keyring) => {"ansible_loop_var": "item", "changed": false, "item": "cinder-backup/ceph.client.cinder.keyring", "msg": "Could not find or access '/etc/kolla/config/cinder/cinder-backup/ceph.client.cinder.keyring' on the Ansible Controller.\nIf you are using a module and expect the file to exist on the remote, see the remote_src option"}
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: If you are using a module and expect the file to exist on the remote, see the remote_src option
failed: [nuc111] (item=cinder-backup/ceph.client.cinder-backup.keyring) => {"ansible_loop_var": "item", "changed": false, "item": "cinder-backup/ceph.client.cinder-backup.keyring", "msg": "Could not find or access '/etc/kolla/config/cinder/cinder-backup/ceph.client.cinder-backup.keyring' on the Ansible Controller.\nIf you are using a module and expect the file to exist on the remote, see the remote_src option"}
Setup Ceph client authentication to create cinder user for accessing volumes and vms pool.
root@nuc111:~# ceph auth get-or-create client.cinder mon 'profile rbd' osd 'profile rbd pool=volumes, profile rbd pool=vms' mgr 'profile rbd pool=volumes, profile rbd pool=vms'
[client.cinder]
key = AQAC5nBjU4CrCRAAi3kUAheIpOz5dvWZKg9pNw==
Also for cinder-backup. (We still use NFS for cinder-backup anyway)
root@nuc111:/etc/kolla# ceph auth get-or-create client.cinder-backup mon 'profile rbd' osd 'profile rbd pool=backups' mgr 'profile rbd pool=backups'
[client.cinder-backup]
key = AQB++HBjbprHIBAAai68wc04/vfhYJGmNgTQoQ==
Copy the key to deploy node for cinder
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ mkdir -p ./config/cinder/cinder-volume/
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ cat ./config/cinder/cinder-volume/ceph.client.cinder.keyring
[client.cinder]
key = AQAC5nBjU4CrCRAAi3kUAheIpOz5dvWZKg9pNw==
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ mkdir -p ./config/cinder/cinder-backup/
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ cp ./config/cinder/cinder-volume/ceph.client.cinder.keyring ./config/cinder/cinder-backup/
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ cat ./config/cinder/cinder-backup/ceph.client.cinder-backup.keyring
[client.cinder-backup]
key = AQB++HBjbprHIBAAai68wc04/vfhYJGmNgTQoQ==
NOTE: cinder-backup needs cinder and cinder-backup keys.
Copy ceph.conf to deploy node
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ cat ./config/cinder/ceph.conf
# minimal ceph.conf for 16e21856-6030-11ed-8a24-db02e0e54b22
[global]
fsid = 16e21856-6030-11ed-8a24-db02e0e54b22
mon_host = [v2:192.168.1.23:3300/0,v1:192.168.1.23:6789/0]
NOTE: remove the "tab" in the ceph.conf. Otherwise kolla-ansible would fail with error.
TASK [cinder : Copying over ceph.conf for Cinder]
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: oslo_config.iniparser.ParseError: at line 3, Unexpected continuation line: '\tfsid = 16e21856-6030-11ed-8a24-db02e0e54b22'
fatal: [nuc111]: FAILED! => {"msg": "Unexpected failure during module execution.", "stdout": ""}
[global]
fsid =
mon_host =
Copy ceph.conf and cinder keyring for Nova
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ mkdir -p ./config/nova
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ cp ./config/cinder/ceph.conf ./config/nova/
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ cp ./config/cinder/cinder-volume/ceph.client.cinder.keyring ./config/nova/
Check Ceph config files for kolla
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ tree ./config/
./config/
├── cinder
│ ├── ceph.conf
│ ├── cinder-backup
│ │ ├── ceph.client.cinder-backup.keyring
│ │ └── ceph.client.cinder.keyring
│ └── cinder-volume
│ └── ceph.client.cinder.keyring
├── nfs_shares
└── nova
├── ceph.client.cinder.keyring
└── ceph.conf
Config globals.yml
cinder_backend_ceph: "yes"
nova_backend_ceph: "yes"
ceph_cinder_keyring: "ceph.client.cinder.keyring"
ceph_cinder_user: "cinder"
ceph_cinder_pool_name: "volumes"
ceph_cinder_backup_keyring: "ceph.client.cinder-backup.keyring"
ceph_cinder_backup_user: "cinder-backup"
ceph_cinder_backup_pool_name: "backups"
ceph_nova_keyring: "{{ ceph_cinder_keyring }}"
ceph_nova_user: "{{ ceph_cinder_user }}"
ceph_nova_pool_name: "vms"
Apply configuration
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ kolla-ansible -i multinode deploy
Check cinder volume service status
root@nuc111:~# openstack volume service list
+------------------+--------------+------+---------+-------+----------------------------+
| Binary | Host | Zone | Status | State | Updated At |
+------------------+--------------+------+---------+-------+----------------------------+
| cinder-scheduler | nuc111 | nova | enabled | up | 2022-11-13T14:36:43.000000 |
| cinder-volume | nuc111@nfs-1 | nova | enabled | up | 2022-11-13T14:36:44.000000 |
| cinder-backup | nuc111 | nova | enabled | up | 2022-11-13T14:36:48.000000 |
| cinder-volume | nuc111@rbd-1 | nova | enabled | up | 2022-11-13T14:36:47.000000 |
+------------------+--------------+------+---------+-------+----------------------------+
The cinder-backup use NFS backup driver
root@nuc111:/etc/kolla/cinder-backup# cat cinder.conf | grep backup
backup_driver = cinder.backup.drivers.nfs.NFSBackupDriver
backup_mount_options =
backup_mount_point_base = /var/lib/cinder/backup
backup_share = nuc111:/kolla_nfs
backup_file_size = 327680000
Cinder volume has two backends enabled
root@nuc111:/etc/kolla/cinder-volume# cat cinder.conf | grep enabled_backends
enabled_backends = rbd-1,nfs-1
[rbd-1]
volume_driver = cinder.volume.drivers.rbd.RBDDriver
volume_backend_name = rbd-1
rbd_pool = volumes
rbd_ceph_conf = /etc/ceph/ceph.conf
rados_connect_timeout = 5
rbd_user = cinder
rbd_secret_uuid = a8c5fb21-a2da-46a3-9275-2c3365bc3a12
report_discard_supported = True
[nfs-1]
volume_driver = cinder.volume.drivers.nfs.NfsDriver
volume_backend_name = nfs-1
nfs_shares_config = /etc/cinder/nfs_shares
nfs_snapshot_support = True
nas_secure_file_permissions = False
nas_secure_file_operations = False
Create volume types
root@nuc111:/etc/kolla/cinder-volume# openstack volume type create ceph
+-------------+--------------------------------------+
| Field | Value |
+-------------+--------------------------------------+
| description | None |
| id | f2c1ce62-d33f-4045-b94b-fce501961679 |
| is_public | True |
| name | ceph |
+-------------+--------------------------------------+
root@nuc111:/etc/kolla/cinder-volume# openstack volume type set ceph --property volume_backend_name=rbd-1
root@nuc111:/etc/kolla/cinder-volume# openstack volume type list --long
+--------------------------------------+-------------+-----------+---------------------+-----------------------------+
| ID | Name | Is Public | Description | Properties |
+--------------------------------------+-------------+-----------+---------------------+-----------------------------+
| f2c1ce62-d33f-4045-b94b-fce501961679 | ceph | True | None | volume_backend_name='rbd-1' |
| f9782ab2-931d-430b-92dd-b6810677c0e0 | __DEFAULT__ | True | Default Volume Type | |
+--------------------------------------+-------------+-----------+---------------------+-----------------------------+
Test VM creation with ceph volume type
root@nuc111:/etc/kolla/cinder-volume# openstack flavor list
+--------------------------------------+-----------+-------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+--------------------------------------+-----------+-------+------+-----------+-------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | 1 | True |
| 2 | m1.small | 2048 | 20 | 0 | 1 | True |
| 3 | m1.medium | 4096 | 40 | 0 | 2 | True |
| 4 | m1.large | 8192 | 80 | 0 | 4 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True |
| 8f99ab4a-e2de-493d-9940-37de21dfd623 | 1c2r4d | 2048 | 4 | 0 | 1 | False |
+--------------------------------------+-----------+-------+------+-----------+-------+-----------+
root@nuc111:/etc/kolla/cinder-volume# openstack keypair list
+-----------+-------------------------------------------------+
| Name | Fingerprint |
+-----------+-------------------------------------------------+
| key-pair1 | 31:a1:03:89:15:fb:5b:46:e7:b8:5a:94:8d:39:82:12 |
+-----------+-------------------------------------------------+
root@nuc111:/etc/kolla/cinder-volume# openstack image list
+--------------------------------------+-------------+--------+
| ID | Name | Status |
+--------------------------------------+-------------+--------+
| 1fa43af3-ac22-4dba-85e9-04b21807c5d4 | cirros | active |
| 40cbae5f-79ab-4c4f-ba97-fc97c6cd65f4 | ubuntu22.04 | active |
+--------------------------------------+-------------+--------+
root@nuc111:/etc/kolla/cinder-volume# openstack network list
+--------------------------------------+----------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+----------+--------------------------------------+
| 17cb537a-88ac-42ed-9eb2-29177cb7490e | public1 | 142f17ca-c06d-4c07-abdc-dc935b1b83a3 |
| 67e89302-e5c7-4a17-ad1c-675b664874c1 | demo-net | 312eff74-d80c-4281-a51a-9b4bed5132c4 |
+--------------------------------------+----------+--------------------------------------+
Create a VM with "ephemeral" disk.
root@nuc111:~# openstack server create --flavor 1c2r4d --image ubuntu22.04 --key-name key-pair1 --network demo-net ubuntu_vm
+-------------------------------------+----------------------------------------------------+
| Field | Value |
+-------------------------------------+----------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-SRV-ATTR:host | None |
| OS-EXT-SRV-ATTR:hypervisor_hostname | None |
| OS-EXT-SRV-ATTR:instance_name | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | s5vdJaDqsBh7 |
| config_drive | |
| created | 2022-11-14T11:58:01Z |
| flavor | 1c2r4d (8f99ab4a-e2de-493d-9940-37de21dfd623) |
| hostId | |
| id | 1adcbf1f-0dd9-4086-a67f-ccf73d8b94e6 |
| image | ubuntu22.04 (40cbae5f-79ab-4c4f-ba97-fc97c6cd65f4) |
| key_name | key-pair1 |
| name | ubuntu_vm |
| progress | 0 |
| project_id | 496d5b465e684f20a8217fa408728ac2 |
| properties | |
| security_groups | name='default' |
| status | BUILD |
| updated | 2022-11-14T11:58:01Z |
| user_id | 6714a667d1e3406fab0c7add7d71d412 |
| volumes_attached | |
+-------------------------------------+----------------------------------------------------+
root@nuc111:~# openstack server show ubuntu_vm
+-------------------------------------+----------------------------------------------------------+
| Field | Value |
+-------------------------------------+----------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-SRV-ATTR:host | nuc72 |
| OS-EXT-SRV-ATTR:hypervisor_hostname | NUC7CJYHN2 |
| OS-EXT-SRV-ATTR:instance_name | instance-00000007 |
| OS-EXT-STS:power_state | Running |
| OS-EXT-STS:task_state | None |
| OS-EXT-STS:vm_state | active |
| OS-SRV-USG:launched_at | 2022-11-14T11:59:04.000000 |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | demo-net=10.0.0.142 |
| config_drive | |
| created | 2022-11-14T11:58:01Z |
| flavor | 1c2r4d (8f99ab4a-e2de-493d-9940-37de21dfd623) |
| hostId | 6a619bdab198165b54faafe85d858871dff1042234d57e47742b0720 |
| id | 1adcbf1f-0dd9-4086-a67f-ccf73d8b94e6 |
| image | ubuntu22.04 (40cbae5f-79ab-4c4f-ba97-fc97c6cd65f4) |
| key_name | key-pair1 |
| name | ubuntu_vm |
| progress | 0 |
| project_id | 496d5b465e684f20a8217fa408728ac2 |
| properties | |
| security_groups | name='default' |
| status | ACTIVE |
| updated | 2022-11-14T11:59:04Z |
| user_id | 6714a667d1e3406fab0c7add7d71d412 |
| volumes_attached | |
+-------------------------------------+----------------------------------------------------------+
root@nuc111:~# rbd ls -l vms
NAME SIZE PARENT FMT PROT LOCK
1adcbf1f-0dd9-4086-a67f-ccf73d8b94e6_disk 2.2 GiB 2 excl
Test live migration
root@nuc111:~# openstack server migrate --live-migration ubuntu_vm
root@nuc111:~# openstack server show ubuntu_vm
+-------------------------------------+----------------------------------------------------------+
| Field | Value |
+-------------------------------------+----------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-SRV-ATTR:host | nuc71 |
| OS-EXT-SRV-ATTR:hypervisor_hostname | NUC7CJYHN1 |
| OS-EXT-SRV-ATTR:instance_name | instance-00000007 |
| OS-EXT-STS:power_state | Running |
| OS-EXT-STS:task_state | None |
| OS-EXT-STS:vm_state | active |
| OS-SRV-USG:launched_at | 2022-11-14T11:59:04.000000 |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | demo-net=10.0.0.142 |
| config_drive | |
| created | 2022-11-14T11:58:01Z |
| flavor | 1c2r4d (8f99ab4a-e2de-493d-9940-37de21dfd623) |
| hostId | c7db1b2553c921575d60036b5d792993c9a242db70405cb52bc0bfea |
| id | 1adcbf1f-0dd9-4086-a67f-ccf73d8b94e6 |
| image | ubuntu22.04 (40cbae5f-79ab-4c4f-ba97-fc97c6cd65f4) |
| key_name | key-pair1 |
| name | ubuntu_vm |
| progress | 0 |
| project_id | 496d5b465e684f20a8217fa408728ac2 |
| properties | |
| security_groups | name='default' |
| status | ACTIVE |
| updated | 2022-11-14T12:33:46Z |
| user_id | 6714a667d1e3406fab0c7add7d71d412 |
| volumes_attached | |
+-------------------------------------+----------------------------------------------------------+
Create cinder volume on ceph
root@nuc111:~# openstack volume create --bootable --image ubuntu22.04 --type ceph --size 3 ubuntu22.04_boot_image
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| attachments | [] |
| availability_zone | nova |
| bootable | false |
| consistencygroup_id | None |
| created_at | 2022-11-14T12:37:31.146975 |
| description | None |
| encrypted | False |
| id | 6c4f5912-4480-46cd-a960-f0a59a3f5d98 |
| migration_status | None |
| multiattach | False |
| name | ubuntu22.04_boot_image |
| properties | |
| replication_status | None |
| size | 3 |
| snapshot_id | None |
| source_volid | None |
| status | creating |
| type | ceph |
| updated_at | None |
| user_id | 6714a667d1e3406fab0c7add7d71d412 |
+---------------------+--------------------------------------+
root@nuc111:~# openstack volume list --long
+--------------------------------------+------------------------+-----------+------+------+----------+-------------+------------+
| ID | Name | Status | Size | Type | Bootable | Attached to | Properties |
+--------------------------------------+------------------------+-----------+------+------+----------+-------------+------------+
| 6c4f5912-4480-46cd-a960-f0a59a3f5d98 | ubuntu22.04_boot_image | available | 3 | ceph | true | | |
+--------------------------------------+------------------------+-----------+------+------+----------+-------------+------------+
root@nuc111:~# rbd ls -l volumes
NAME SIZE PARENT FMT PROT LOCK
volume-6c4f5912-4480-46cd-a960-f0a59a3f5d98 3 GiB 2
Create VM with the volume
root@nuc111:~# openstack server create --volume ubuntu22.04_boot_image --flavor 1c2r4d --key-name key-pair1 --network demo-net ubuntu22.04_ceph_volume_vm
+-------------------------------------+-----------------------------------------------+
| Field | Value |
+-------------------------------------+-----------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-SRV-ATTR:host | None |
| OS-EXT-SRV-ATTR:hypervisor_hostname | None |
| OS-EXT-SRV-ATTR:instance_name | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | vTNp7WWrhuFi |
| config_drive | |
| created | 2022-11-14T12:41:40Z |
| flavor | 1c2r4d (8f99ab4a-e2de-493d-9940-37de21dfd623) |
| hostId | |
| id | b7143bbd-f23e-42f9-9125-0b61592602f0 |
| image | |
| key_name | key-pair1 |
| name | ubuntu22.04_ceph_volume_vm |
| progress | 0 |
| project_id | 496d5b465e684f20a8217fa408728ac2 |
| properties | |
| security_groups | name='default' |
| status | BUILD |
| updated | 2022-11-14T12:41:40Z |
| user_id | 6714a667d1e3406fab0c7add7d71d412 |
| volumes_attached | |
+-------------------------------------+-----------------------------------------------+
root@nuc111:~# openstack server list
+--------------------------------------+----------------------------+--------+---------------------+-------------+--------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+----------------------------+--------+---------------------+-------------+--------+
| b7143bbd-f23e-42f9-9125-0b61592602f0 | ubuntu22.04_ceph_volume_vm | ACTIVE | demo-net=10.0.0.182 | | 1c2r4d |
| 1adcbf1f-0dd9-4086-a67f-ccf73d8b94e6 | ubuntu_vm | ACTIVE | demo-net=10.0.0.142 | ubuntu22.04 | 1c2r4d |
+--------------------------------------+----------------------------+--------+---------------------+-------------+--------+
Extra: Use local docker registry to deploy (Not Work)
Create a local docker registry on host nuc10 for Kolla-Ansible
NOTE: This does not work because kolla-ansible use "quay.io" to pull images and under "openstack.kolla" organization. However the docker registry https://registry-1.docker.io does not have "openstack.kolla". This results image pull failure.
Error message exampes:
root@nuc111:~# docker pull nuc10:5000/openstack.kolla/fluentd:master-rocky-9
Error response from daemon: manifest for nuc10:5000/openstack.kolla/fluentd:master-rocky-9 not found: manifest unknown: manifest unknown
docker.errors.NotFound: 404 Client Error for http+docker://localhost/v1.41/images/create?tag=master-rocky-9&fromImage=nuc10%3A5000%2Fopenstack.kolla%2Ffluentd: Not Found (\"manifest for nuc10:5000/openstack.kolla/fluentd:master-rocky-9 not found: manifest unknown: manifest unknown
There is an way to make it work by build kolla images manually and push to local registry.
https://blog.csdn.net/weixin_40579389/article/details/124595609#t5
Create /etc/registry directory
root@NUC10:~# mkdir -p /etc/docker/registry
root@NUC10:~# cd /etc/docker/registry
root@NUC10:/etc/docker/registry#
Create docker-compose.yml file
root@NUC10:/etc/docker/registry# cat docker-compose.yml
version: '3'
services:
registry:
container_name: registry
image: registry:2
ports:
- "5000:5000"
environment:
REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
volumes:
- /mnt/docker-registry-data:/data
- /etc/docker/registry/config.yml:/etc/docker/registry/config.yml
Create config.yml file
root@NUC10:/etc/docker/registry# cat ./config.yml
version: 0.1
log:
fields:
service: registry
storage:
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
headers:
X-Content-Type-Options: [nosniff]
health:
storagedriver:
enabled: true
interval: 10s
threshold: 3
proxy:
remoteurl: https://registry-1.docker.io
Run docker registry container
root@NUC10:/etc/docker/registry# docker-compose up -d
Creating network "registry_default" with the default driver
Pulling registry (registry:2)...
2: Pulling from library/registry
ca7dd9ec2225: Pull complete
c41ae7ad2b39: Pull complete
1ed0fc8a6161: Pull complete
21df229223d2: Pull complete
626897ccab21: Pull complete
Digest: sha256:ce14a6258f37702ff3cd92232a6f5b81ace542d9f1631966999e9f7c1ee6ddba
Status: Downloaded newer image for registry:2
Creating registry ... done
Configure insecure-registries and registry-mirrors
root@NUC10:/etc/docker/registry# cat /etc/docker/daemon.json
{
"insecure-registries": ["nuc10:5000"],
"registry-mirrors": ["http://nuc10:5000"]
}
root@NUC10:/etc/docker/registry# systemctl restart docker
Test docker registry
root@NUC10:/etc/docker/registry# docker pull fedora
Using default tag: latest
latest: Pulling from library/fedora
cb8b1ed77979: Pull complete
Digest: sha256:f99efcddc4dd6736d8a88cc1ab6722098ec1d77dbf7aed9a7a514fc997ca08e0
Status: Downloaded newer image for fedora:latest
docker.io/library/fedora:latest
root@NUC10:/etc/docker/registry# du -sh /mnt/docker-registry-data/docker/registry/v2/
64M /mnt/docker-registry-data/docker/registry/v2/
NOTE: docker will query configured registry mirror which trigger mirror download image. You should see image data usage increased in "/mnt/docker-registry-data/docker/registry/v2/blobs/" )
If test success, configure /etc/docker/daemon.json on all OpenStack nodes. For example on controller host:
ubuntu@nuc111:~$ cat /etc/docker/daemon.json
{
"bridge": "none",
"ip-forward": false,
"iptables": false,
"insecure-registries" : ["nuc10:5000"],
"registry-mirrors": ["http://nuc10:5000"]
}
ubuntu@nuc111:~$ sudo systemctl restart docker
Edit globals.yml
docker_registry: nuc10:5000
docker_registry_insecure: "yes"
Run kolla-ansible
(kolla-ansible-venv) ycheng@NUC10:/etc/kolla$ kolla-ansible -i multinode deploy
NOTE: Do not run kolla-ansible precheck, it removes "registry-mirrors" in docker daemon config.
NOTE: We have to set "insecure-registries" because we do not use https.
Troubleshoot
Error when use local docker registry.
RUNNING HANDLER [common : Restart fluentd container] ****************************************************************************************
fatal: [nuc111]: FAILED! => {"changed": true, "msg": "'Traceback (most recent call last):\\n File \"/usr/local/lib/python3.8/dist-packages/docker/api/client.py\", line 268, in _raise_for_status\\n response.raise_for_status()\\n File \"/usr/lib/python3/dist-packages/requests/models.py\", line 940, in raise_for_status\\n raise HTTPError(http_error_msg, response=self)\\nrequests.exceptions.HTTPError: 500 Server Error: Internal Server Error for url: http+docker://localhost/v1.41/images/create?tag=master-rocky-9&fromImage=nuc10%3A4000%2Fopenstack.kolla%2Ffluentd\\n\\nDuring handling of the above exception, another exception occurred:\\n\\nTraceback (most recent call last):\\n File \"/tmp/ansible_kolla_docker_payload_hl3f6zvw/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py\", line 381, in main\\n File \"/tmp/ansible_kolla_docker_payload_hl3f6zvw/ansible_kolla_docker_payload.zip/ansible/module_utils/kolla_docker_worker.py\", line 660, in recreate_or_restart_container\\n self.pull_image()\\n File \"/tmp/ansible_kolla_docker_payload_hl3f6zvw/ansible_kolla_docker_payload.zip/ansible/module_utils/kolla_docker_worker.py\", line 450, in pull_image\\n json.loads(line.strip().decode(\\'utf-8\\')) for line in self.dc.pull(\\n File \"/usr/local/lib/python3.8/dist-packages/docker/api/image.py\", line 430, in pull\\n self._raise_for_status(response)\\n File \"/usr/local/lib/python3.8/dist-packages/docker/api/client.py\", line 270, in _raise_for_status\\n raise create_api_error_from_http_exception(e)\\n File \"/usr/local/lib/python3.8/dist-packages/docker/errors.py\", line 31, in create_api_error_from_http_exception\\n raise cls(e, response=response, explanation=explanation)\\ndocker.errors.APIError: 500 Server Error for http+docker://localhost/v1.41/images/create?tag=master-rocky-9&fromImage=nuc10%3A4000%2Fopenstack.kolla%2Ffluentd: Internal Server Error (\"Get \"https://nuc10:4000/v2/\": http: server gave HTTP response to HTTPS client\")\\n'"}
fatal: [nuc72]: FAILED! => {"changed": true, "msg": "'Traceback (most recent call last):\\n File \"/usr/local/lib/python3.8/dist-packages/docker/api/client.py\", line 268, in _raise_for_status\\n response.raise_for_status()\\n File \"/usr/lib/python3/dist-packages/requests/models.py\", line 940, in raise_for_status\\n raise HTTPError(http_error_msg, response=self)\\nrequests.exceptions.HTTPError: 500 Server Error: Internal Server Error for url: http+docker://localhost/v1.41/images/create?tag=master-rocky-9&fromImage=nuc10%3A4000%2Fopenstack.kolla%2Ffluentd\\n\\nDuring handling of the above exception, another exception occurred:\\n\\nTraceback (most recent call last):\\n File \"/tmp/ansible_kolla_docker_payload_h4_q1cuz/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py\", line 381, in main\\n File \"/tmp/ansible_kolla_docker_payload_h4_q1cuz/ansible_kolla_docker_payload.zip/ansible/module_utils/kolla_docker_worker.py\", line 660, in recreate_or_restart_container\\n self.pull_image()\\n File \"/tmp/ansible_kolla_docker_payload_h4_q1cuz/ansible_kolla_docker_payload.zip/ansible/module_utils/kolla_docker_worker.py\", line 450, in pull_image\\n json.loads(line.strip().decode(\\'utf-8\\')) for line in self.dc.pull(\\n File \"/usr/local/lib/python3.8/dist-packages/docker/api/image.py\", line 430, in pull\\n self._raise_for_status(response)\\n File \"/usr/local/lib/python3.8/dist-packages/docker/api/client.py\", line 270, in _raise_for_status\\n raise create_api_error_from_http_exception(e)\\n File \"/usr/local/lib/python3.8/dist-packages/docker/errors.py\", line 31, in create_api_error_from_http_exception\\n raise cls(e, response=response, explanation=explanation)\\ndocker.errors.APIError: 500 Server Error for http+docker://localhost/v1.41/images/create?tag=master-rocky-9&fromImage=nuc10%3A4000%2Fopenstack.kolla%2Ffluentd: Internal Server Error (\"Get \"https://nuc10:4000/v2/\": x509: certificate relies on legacy Common Name field, use SANs instead\")\\n'"}
fatal: [nuc111]: FAILED! => {"changed": true, "msg": "'Traceback (most recent call last):\\n File \"/usr/local/lib/python3.8/dist-packages/docker/api/client.py\", line 268, in _raise_for_status\\n response.raise_for_status()\\n File \"/usr/lib/python3/dist-packages/requests/models.py\", line 940, in raise_for_status\\n raise HTTPError(http_error_msg, response=self)\\nrequests.exceptions.HTTPError: 404 Client Error: Not Found for url: http+docker://localhost/v1.41/images/create?tag=master-rocky-9&fromImage=nuc10%3A5000%2Fopenstack.kolla%2Ffluentd\\n\\nDuring handling of the above exception, another exception occurred:\\n\\nTraceback (most recent call last):\\n File \"/tmp/ansible_kolla_docker_payload_s36ljb33/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py\", line 381, in main\\n File \"/tmp/ansible_kolla_docker_payload_s36ljb33/ansible_kolla_docker_payload.zip/ansible/module_utils/kolla_docker_worker.py\", line 651, in recreate_or_restart_container\\n self.start_container()\\n File \"/tmp/ansible_kolla_docker_payload_s36ljb33/ansible_kolla_docker_payload.zip/ansible/module_utils/kolla_docker_worker.py\", line 669, in start_container\\n self.pull_image()\\n File \"/tmp/ansible_kolla_docker_payload_s36ljb33/ansible_kolla_docker_payload.zip/ansible/module_utils/kolla_docker_worker.py\", line 450, in pull_image\\n json.loads(line.strip().decode(\\'utf-8\\')) for line in self.dc.pull(\\n File \"/usr/local/lib/python3.8/dist-packages/docker/api/image.py\", line 430, in pull\\n self._raise_for_status(response)\\n File \"/usr/local/lib/python3.8/dist-packages/docker/api/client.py\", line 270, in _raise_for_status\\n raise create_api_error_from_http_exception(e)\\n File \"/usr/local/lib/python3.8/dist-packages/docker/errors.py\", line 31, in create_api_error_from_http_exception\\n raise cls(e, response=response, explanation=explanation)\\ndocker.errors.NotFound: 404 Client Error for http+docker://localhost/v1.41/images/create?tag=master-rocky-9&fromImage=nuc10%3A5000%2Fopenstack.kolla%2Ffluentd: Not Found (\"manifest for nuc10:5000/openstack.kolla/fluentd:master-rocky-9 not found: manifest unknown: manifest unknown\")\\n'"}
kolla-ansible cli
kolla-ansible -i INVENTORY deploy is used to deploy and start all Kolla containers.
kolla-ansible -i INVENTORY destroy is used to clean up containers and volumes in the cluster.
kolla-ansible -i INVENTORY mariadb_recovery is used to recover a completely stopped mariadb cluster.
kolla-ansible -i INVENTORY prechecks is used to check if all requirements are meet before deploy for each of the OpenStack services.
kolla-ansible -i INVENTORY post-deploy is used to do post deploy on deploy node to get the admin openrc file.
kolla-ansible -i INVENTORY pull is used to pull all images for containers.
kolla-ansible -i INVENTORY reconfigure is used to reconfigure OpenStack service.
kolla-ansible -i INVENTORY upgrade is used to upgrades existing OpenStack Environment.
kolla-ansible -i INVENTORY stop is used to stop running containers.
kolla-ansible -i INVENTORY deploy-containers is used to check and if necessary update containers, without generating configuration.
kolla-ansible -i INVENTORY prune-images is used to prune orphaned Docker images on hosts.
kolla-ansible -i INVENTORY genconfig is used to generate configuration files for enabled OpenStack services, without then restarting the containers so it is not applied right away.
kolla-ansible -i INVENTORY1 -i INVENTORY2 ... Multiple inventories can be specified by passing the --inventory or -i command line option multiple times. This can be useful to share configuration between multiple environments. Any common configuration can be set in INVENTORY1 and INVENTORY2 can be used to set environment specific details.
kolla-ansible -i INVENTORY gather-facts is used to gather Ansible facts, for example to populate a fact cache.
Todo
- Swift storage
Reference
- https://docs.openstack.org/kolla-ansible/latest/user/multinode.html
- https://docs.openstack.org/project-deploy-guide/kolla-ansible/queens/multinode.html
- https://www.packetcoders.io/openstack-installation-via-kolla-anisble/
- https://docs.openstack.org/kolla-ansible/latest/user/quickstart.html
- https://zhuanlan.zhihu.com/p/143327139
- https://cdn.igene.tw/kolla-ansible-deploy
- https://docs.openstack.org/kolla-ansible/queens/reference/cinder-guide.html
- https://docs.openstack.org/python-openstackclient/pike/configuration/index.html
- https://docs.openstack.org/kolla-ansible/latest/user/multinode.html
- https://abayard.com/openstack-kolla-deploy-external-ceph-ansible/
- https://docs.openstack.org/cinder/latest/admin/default-volume-types.html
- https://www.jianshu.com/p/56717aca4ab2
- https://www.linuxjournal.com/content/build-versatile-openstack-lab-kolla
- https://ithelp.ithome.com.tw/articles/10271837
- https://docs.openstack.org/kolla-ansible/latest/user/operating-kolla.html
- https://techglimpse.com/why-does-openstack-report-hypervisor-type-as-qemu-when-libvirt_type-is-kvm/
